Merge pull request #47 from reading-log/develop

쿠키에 토큰 값 저장 테스트

src/main/java/com/api/readinglog/common/oauth/OAuthSuccessHandler.java

@@ -2,6 +2,7 @@
 
 import com.api.readinglog.common.jwt.JwtToken;
 import com.api.readinglog.common.jwt.JwtTokenProvider;
+import com.api.readinglog.common.security.util.CookieUtils;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -25,12 +26,11 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 
         JwtToken jwtToken = jwtTokenProvider.generateToken(authentication);
 
-        /* TODO: 로그인 성공 후 발급 한 토큰을 Cookie에 담아서 클라이언트에게 전달 */
-        String targetUrl = UriComponentsBuilder.fromUriString("http://localhost:8080")
-                .queryParam("accessToken", jwtToken.getAccessToken())
-                .queryParam("refreshToken", jwtToken.getRefreshToken())
-                .build().toUriString();
+        // 액세스 토큰과 리프레시 토큰을 쿠키에 담기
+        CookieUtils.addCookie(response, "accessToken", jwtToken.getAccessToken(), 24 * 60 * 60); // 1일
+        CookieUtils.addCookie(response, "refreshToken", jwtToken.getRefreshToken(), 24 * 60 * 60 * 7); // 7일
 
+        String targetUrl = UriComponentsBuilder.fromUriString("http://localhost:5173/readinglog").build().toUriString();
         getRedirectStrategy().sendRedirect(request, response, targetUrl);
     }
 

src/main/java/com/api/readinglog/common/security/util/CookieUtils.java

@@ -0,0 +1,61 @@
+package com.api.readinglog.common.security.util;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.util.Base64;
+import java.util.Optional;
+import org.springframework.util.SerializationUtils;
+
+public class CookieUtils {
+
+    public static Optional<Cookie> getCookie(HttpServletRequest request, String name) {
+        Cookie[] cookies = request.getCookies();
+
+        if (cookies != null && cookies.length > 0) {
+            for (Cookie cookie : cookies) {
+                if (name.equals(cookie.getName())) {
+                    return Optional.of(cookie);
+                }
+            }
+        }
+        return Optional.empty();
+    }
+
+    public static void addCookie(HttpServletResponse response, String name, String value, int maxAge) {
+        Cookie cookie = new Cookie(name, value);
+        cookie.setPath("/");
+        cookie.setHttpOnly(true);
+        cookie.setMaxAge(maxAge);
+
+        response.addCookie(cookie);
+    }
+
+    public static void deleteCookie(HttpServletRequest request, HttpServletResponse response, String name) {
+        Cookie[] cookies = request.getCookies();
+
+        if (cookies != null && cookies.length > 0) {
+            for (Cookie cookie : cookies) {
+                if (name.equals(cookie.getName())) {
+                    cookie.setValue("");
+                    cookie.setPath("/");
+                    cookie.setMaxAge(0);
+                    response.addCookie(cookie);
+                }
+            }
+        }
+    }
+
+    public static String serialize(Object obj) {
+        return Base64.getUrlEncoder()
+                .encodeToString(SerializationUtils.serialize(obj));
+    }
+
+    public static <T> T deserialize(Cookie cookie, Class<T> cls) {
+        return cls.cast(
+                SerializationUtils.deserialize(
+                        Base64.getUrlDecoder().decode(cookie.getValue())
+                )
+        );
+    }
+}

src/main/java/com/api/readinglog/common/web/WebConfig.java

@@ -12,6 +12,7 @@ public void addCorsMappings(CorsRegistry registry) {
         // TODO: cors 설정 좀 더 다듬기
         registry.addMapping("/**")
                 .allowedOriginPatterns("*")
+                .allowedOrigins("http://localhost:5173")
                 .allowedHeaders("*")
                 .allowedMethods("*")
                 .exposedHeaders("*")

src/main/java/com/api/readinglog/domain/member/controller/MemberController.java

@@ -3,13 +3,14 @@
 import com.api.readinglog.common.jwt.JwtToken;
 import com.api.readinglog.common.response.Response;
 import com.api.readinglog.common.security.CustomUserDetail;
+import com.api.readinglog.common.security.util.CookieUtils;
 import com.api.readinglog.domain.member.controller.dto.request.DeleteRequest;
 import com.api.readinglog.domain.member.controller.dto.request.JoinRequest;
 import com.api.readinglog.domain.member.controller.dto.request.LoginRequest;
-import com.api.readinglog.domain.member.controller.dto.response.LoginResponse;
 import com.api.readinglog.domain.member.controller.dto.request.UpdateProfileRequest;
 import com.api.readinglog.domain.member.controller.dto.response.MemberDetailsResponse;
 import com.api.readinglog.domain.member.service.MemberService;
+import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -39,9 +40,11 @@ public Response<Void> join(@ModelAttribute @Valid JoinRequest request) {
     }
 
     @PostMapping("/login")
-    public Response<LoginResponse> login(@RequestBody LoginRequest request) {
+    public Response<Void> login(@RequestBody LoginRequest request, HttpServletResponse response) {
         JwtToken jwtToken = memberService.login(request);
-        return Response.success(HttpStatus.OK, "로그인 성공!", LoginResponse.of(jwtToken));
+        CookieUtils.addCookie(response, "accessToken", jwtToken.getAccessToken(), 24 * 60 * 60);
+        CookieUtils.addCookie(response, "refreshToken", jwtToken.getRefreshToken(), 24 * 60 * 60 * 7);
+        return Response.success(HttpStatus.OK, "로그인 성공!");
     }
 
     @GetMapping("/me")